Language Selection

English French German Italian Portuguese Spanish

today's howtos

Filed under
HowTos
  • Make CapsLock useful (again) on Linux and Windows

    Once upon a time a post by Nikitonsky has inspired me to organize the hand movement on a keyboard by utilizing a CapsLock key. The idea is to use arrow keys without moving your hands from a default position, remapping the arrows to CapsLock + j/l/i/k. It’s been more than a year since I’ve tried that, and while I didn’t completely internalize this new layout (it’s hard to break habits!), it definitely has improved my typing experience.

    Nikita provides an excellent motivation for this endeavor in his blog post, so I won’t repeat it here. I’ll just describe a few additional changes made to this layout since I started using it: [...]

  • How To Build A Jekyll Site Using Simple.css

    As Bugs Bunny once said - that’s all, folks! We have come to the end of this rather long guide on how to build a Jekyll site using Simple.css and Netlify. This is by far the longest post I have ever written - at nearly 7,000 words, but I wanted to be as verbose as possible so that the barrier for entry is low. Some technical knowledge is always required when working with static site generators, like Jekyll. So please bear that in mind if you decide to give this a go.

  • usbkill the OpenBSD way

    So what is hotplugd, and how can it be useful? The man page does a good job of explaining it. Simply put: when any device is attached to or detached from your machine hotplugd will execute a script.

    To see how simple it is to write a hotplug script we can start by simply logging device attach events. First, start by enabling and starting hotplugd (as root): [...]

  • Decrypting TLS Streams With Wireshark: Part 3

    To make life easier for the recipients of your capture file with secrets file, you can also merge both files together: embedding the secrets into the pcapng file. This way, they don’t have to configure secrets files in Wireshark, just opening the pcapng file is sufficient for the TLS traffic to be decrypted.

  • Download and install CentOS 7 Server Minimal ISO on PC or virtualbox

    If you don’t want to install around 4GB or 9.5GB ISO file of CentOS 7 then, use the 900 MB ISO image to install the minimal version with only the base package on your server.

    On one hand, where CentOS 8 Linux will stop getting further updates in December of this year, CentOS 7 Linux still has a long time to reach the end of its life that is stipulated in 2024. Thus, if you want to start with this server Linux distro then still you have enough time, and here will let you know how to install CentOS 7 minimal version on Server, PC, or VirtualBox.

  • Moving from Lubuntu 18.04 to 20.10 | Fitzcarraldo's Blog

    The Lubuntu developers will no longer be supporting Lubuntu 18.04, the final release of Lubuntu to use LXDE, after April this year. I therefore decided to replace it with Lubuntu 20.10 on the family desktop machine (a single-seat, multi-user installation).

  • How to Install NGINX on Ubuntu 20.04 and Host Website

    NGINX is an open-source web server software. You can deploy NGINX as a standalone web server, or as a proxy in front of other web servers (in essence, reverse proxy). Nginx is one of the best web servers to host a high traffic website.

    In this tutorial, we will focus on installing NGINX as a standalone web server on Ubuntu 20.04.

  • Automating responses to scripts on Linux using expect and autoexpect

    The Linux expect command takes script writing to an entirely new level. Instead of automating processes, it automates running and responding to other scripts. In other words, you can write a script that asks how you are and then create an expect script that both runs it and tells it that you're ok.

More in Tux Machines

Security Leftovers

  • New coalition aims to combat growing wave of ransomware attacks [iophk: Windows TCO]

    The California-based nonprofit aims to produce recommendations that will help governments and the private sector tackle the scourge of ransomware attacks.

    [Attackers] have increasingly used these types of attacks -- which involve accessing and encrypting the victim’s network and demanding payment to allow access again -- to hit major targets, with city governments in Atlanta, Baltimore and New Orleans severely impaired by ransomware attacks over the past two years.

    More recently, hospitals have become a target during the COVID-19 pandemic, with cyber criminals seeing vulnerable hospitals as easy targets more likely to pay a quick ransom as health care systems struggle to keep up with coronavirus cases. In some instances, the cyberattacks have been blamed for deaths due to delayed care.

  • This tiny shortcut can completely crash your Windows 10 device

    A zero-day exploit has been discovered that can crash your Windows 10 device – and, even more worrying, can be delivered inside a seemingly harmless shortcut file. The vulnerability can corrupt any NTFS-formatted hard drive and even be exploited by standard and low privilege user accounts.

    Security researcher Jonas Lykkegaard referenced the vulnerability on Twitter last week and had previously drawn attention to the issue on two previous occasions last year. Despite this, the NTFS vulnerability remains unpatched.

    There are various ways to trigger the vulnerability that involve trying to access the $i30 NTFS attribute on a folder in a particular way. One such exploit involves the creation of a Windows shortcut file that has its icon location set to C:\:$i30:$bitmap. Bleeping Computer found that this triggered the vulnerability even if users did not attempt to click on the file in question. Windows Explorer’s attempts to access the icon path in the background would be enough to corrupt the NTFS hard drive.

  • This Easily-Exploitable Windows 10 NTFS Bug Can Instantly Corrupt Your Hard Drives

    Jonas says that this Windows 10 bug isn't new and has been around since the release of Windows 10 April 2018 Update, and remains exploitable on the latest versions, as well. BleepingComputer shared that the problematic command includes $i30 string, a Windows NTFS Index Attribute associated with directories.

    [...]

    After running the command, Windows 10 will start displaying prompts to restart the device and repair the corrupted drive. Apparently, the issue also impacts some Windows XP versions and similar NTFS bugs have been known for years but are yet to be addressed by the Windows maker.

  • Nidhi Razdan, Phishing, And Three Hard Lessons

    Nidhi Razdan, a career journalist, became a victim of an elaborate phishing attack that made her quit her 21-year-old job and part with many of her personal details.

  • Windows Finger command abused by phishing to download malware

    Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices. The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition to Linux, Windows includes a finger.exe command that performs the same functionality.

Security Auditing Tools For Ubuntu

Malware, where aren’t thou found? Well, even our wonderful Ubuntu can be infected. So what can we do about it? Hope and pray we keep our system safe and better yet, audit our systems regularly for malwares and rootkits. There are 4 system auditors for Ubuntu that we will review - lynis, rkhunter, chkrootkit, and clamav. [...] Oddly enough, there aren’t many tools to scan for malware out there for Linux. Why? I’m not sure. However, these 4 tools are more than enough to detect malwares, rootkits, and viruses. Read more Also: Windows Finger command abused by phishing to download malware

today's howtos

  • Easily rename your Git default branch from master to main

    You might say, "I'm all for not using master in master-slave technical relationships, but this is clearly an instance of master-copy, not master-slave."

  • How to get IP Address in Linux using Command terminal - Linux Shout

    To connect some local running server application via browser, access FTP server, and many other times we require to know our system Ip address. Thus, if you are running some Linux operating system then here is the way to check out your current IP Address using the command terminal.

  • How To Use NMAP

    Nmap (or Nmapper) is a free and open-source network scanner used for analysis, security audits, and network exploration. You use it to discover hosts and services on a computer network by sending packets and analyzing the responses all in an easy-to-use manner. Let us take a look at how to use Nmap.

  • How to get the best Arch Linux servers to update your system | Arcolinux.com

    You may have seen me struggle with the Arch Linux servers in one of my videos. Time to dive into the application reflector. Read all about it on your own computer. Type reflector –help in the terminal and read more. Servers speed and service all depend on your own network, your isp, your country’s policy (port blocking) and the servers around you. As a result we have now several aliases to get the best servers out there.

  • How to Install Terraform on Ubuntu 20.04

    Terraform is an infrastructure as a code platform developed by HashiCorp. You can simply write code in the human-readable format following HashiCorp Configuration Language (HCL) and deploy it to get the infrastructure in the cloud. Terraform is supported in many cloud providers like Google, Amazon, Alibaba, etc. Here in this article, we are going to install the latest version of terraform on Ubuntu. We are performing terraform installation on Ubuntu 20.04 however you can do the same procedure on all Linux platforms. Also, learn how to use terraform with simple example by launch an ec2 instance and create s3 bucket.

  • Operator integration testing for Operator Lifecycle Manager - Red Hat Developer

    Operators are one of the ways to package, deploy, and manage application distribution on Red Hat OpenShift. After a developer creates an Operator, the next step is to get the Operator published on OperatorHub.io. Doing this allows users to install and deploy the Operator in their OpenShift clusters. The Operator is installed, updated, and the management lifecycle is handled by the Operator Lifecycle Manager (OLM).

  • Deploy your own Matrix server on Fedora CoreOS - Fedora Magazine

    Today it is very common for open source projects to distribute their software via container images. But how can these containers be run securely in production? This article explains how to deploy a Matrix server on Fedora CoreOS.

  • Set up a minimal server on a Raspberry Pi | Opensource.com

    Recently, the microSD (secure digital) card in my Raspberry Pi stopped working. It had been in constant use as a server for almost two years, and this provided a good opportunity to start fresh and correct a few problems. After its initial installation, it began experiencing disk problems and the official Raspberry Pi operating system (OS) received a significant update (and was renamed from Raspbian to Raspberry Pi OS). So I acquired a new microSD card and preceded to rebuild. Although this Raspberry Pi 3 Model B isn't the latest hardware, it is still adequate for running a minimal server for various services. I think my original installation used the full operating system image that includes the graphical user interface and a lot of other software packages unnecessary for my needs. This step-by-step guide shows how I set up my Raspberry Pi with the most minimal configuration to conserve precious system resources.

Chafa 1.6.0: Wider

Here’s another one from the terminal graphics extravaganza dept: Chafa 1.6.0 brings fullwidth character support, so in addition to the usual block elements and ASCII art, you now get some mean CJK art too. Or grab as many fonts as you can and combine all of the Unicode into one big glorious mess. Chafa can efficiently distinguish between thousands of symbols, so it also runs fast enough for animations — up to a point. Since some users want this in environments where it’s not practical to build from source or even to have nice things like GLib, I’ve started adding statically linked builds. These are pretty bare-bones (fewer image loaders, no man page), so look to your steadfast distribution first. Speaking of distributions, a big thank you to the packagers. Special thanks go to Florian Viehweger for getting in touch re. adding it to OpenBSD ports, and Mo Zhou (Debian), Michael Vetter (openSUSE), Herby Gillot (MacPorts), @chenrui and Carlo Cabrera (Homebrew) for getting 1.6 out there before I could even finish this post. Read more